Archive for the ‘Wordpress’ Category

My weblog was not very active lately. Mostly, this is because I’m posting a lot on Twitter (in Dutch however) and post some articles on the weblog of the company I’m working for. Especially the post on Devoxx is an interesting read in my opinion.

However, I’m planning to change this. It is not that I don’t like writing, and in my experience, when I write an article on a specific subject, I have the habit of do some research on it which increase my knowledge on the subject on the go. I have some articles in draft and some others planned to write. With the new year approaching, increased writing sounds like a good intention for the upcoming year.

In order to mark this change, I’ve decided to change the look of my site a bit and add some additional features on it (especially a Mobypicture widget). The new look is not yet finished, but that will come over time.

This week, the WordPress development team released version 2.3 of WordPress. I did not upgrade yet, because I didn’t have the time yet. Because I’m not very enthusiastic on the source code of WordPress, I’m a little bit wary when upgrading WordPress to a new version, mainly because of the number of bugs that pop up in the weblog software. However, Jeff Waugh has documented his upgrade of WordPress to version 2.3 and did not fiind any problems. I will give it a try this weekend.

The most important change in version 2.3 of WordPress is the introduction of tags instead of categories. I think this is a good idea, since I already use the WordPress categories as tags.

Today, I fixed the images on my weblog of past articles. Because I moved my weblog to another subdomain, all links to pictures were invalid, resulting in no pictures at all on my weblog. Now, I simple created a symlink from the old location of my pictures to the new one, and that seems to work. While doing this, I also discouvered that it was possible to brows the directories on my webserver, which is a small security issue. Obviously, I fixed that as well.

Amersfoort
Last Saturday, I had to go to Amersfoort. Because I was a little earlier than planned, I took the opportunity to take some pictures (it was very nice weather). Below is a picture of the railway station, where one of the electronic notice boards can be seen. The NS is experimenting with these boards in order to replace the old-fashioned signs that are currently used on most railway stations. I think it is an improvement on readability.

It seems that the source code package of WordPress 2.1.1 was compromised by a hacker. Some files, mainly related to RSS-feed generation, was injected with code which opens a backdoor. Obviously, this caused a large number of weblogs vulnerable. The cracker got user-level access to the download server of WordPress, and changes the download of version 2.1.1. The subversion repository wasn’t compromised, and also older versions weren’t. So if you’re using version 2.1.1, you should upgrade to version 2.1.2. Not all downloads of 2.1.1 are vulnerable, but the developers are not sure when the crach has happened.

This made me wonder why they don’t provide md5 sums for the download package. That way, it could be detected much earlier that the download was compromised. In the discussion on the mailing list, nobody came up with this idea.

Power supply
As I may have mentioned earlier on my weblog, the power supply of my server died a few weeks ago. The part was only four months old, so it was covered under warranty. I sent it to the shop where I bought the thing (Alternate) and got a replacement power supply in about two weeks. Unfortunately, they required to include all the accessories with the power supply. Because I bought the PSU along with a casing for my server, I wasn’t sure which accessories belong to the PSU, and which were part of the casing. So, I included a 24-pins-to-20-pins converter for connecting the PSU to older mainboards. That turned out to be a mistake, because that part didn’t belong to the PSU and the new PSU I received didn’t include such a converter. That was a bit of a problem, because I needed such a thing. Shops generally account 5 to 10 euro for such a small thing (it is only a few wires with two connectors…). I decided to sent a e-mail explaining the situation, and two days later I got a new converter in the mail, for free. That’s good service if you ask me.

As I mentioned in my last post, I have a little comment spam problem. This problem resulted in over 30.000 spam comments on my weblog (most of them are deleted now, but still some 2000 remain). The problem is that there are actually some non-spam comments on my webliog (yes, it seems strange, but it is true 🙂 ). Because most spam comments are on only a few posts, it would be helpful to ‘mass edit’ the comments of one post. In current versions of WordPress, this is not possible. So, I created a patch which enables this (it was pretty easy). During the creation of this patch, I noticed that the source of the admin part (I didn’t look at the other parts) of WordPress is a bit of a mess. Different kind of block separators are used (both brackets and ‘endif’s) and the commenthandling should be abstracted to some classes (it is now in a very long php-file without any functions). I expected the WordPress code to be cleaner than this. Even some ‘low profile’ php projects have cleaner source code. The ‘comment management’ code is duplicated in at least two files…

I also installed some anti-spam plugins on my weblog. I hope these will block most of the spam. I am also tracking some visitor statistics, for which I’ve created a plugin (not available yet for the public, because it is not finished yet).
I also discovered that my current archive goes back to the beginning of 2005. However, I’m already blogging since early 2004. I thought I lost most of these posts during a harddisk crash, back in 2004. In a recent cleanup of my harddisks, I found a very old databasedump of my weblog, with posts from the start of my weblog until the beginning of august 2004. I’m planning to import these posts in the current archive. This is not very straightforward, because the database id’s overlap with the current posts, and also the categories are different than now.